scmanjarrez / cvescannerv2

Nmap script that scans for probable vulnerabilities based on services discovered in open ports.

License: GNU General Public License v3.0

Lua 59.51% Python 40.08% Dockerfile 0.41%
nmap nmap-script nmap-scan-script exploit-db nmap-scan metasploit vulnerability-scanners security-scanner vulnerability-detection vulnerability

cvescannerv2's Issues

attempt to index a nil value (local 'cur')

This is the error when running nmap in debug mode:

NSE: [GetaSploit 192.168.0.184:21] Nmap detection worked.
NSE: [GetaSploit 192.168.0.184:21] Nmap detection: cpe => cpe:/a:vsftpd:vsftpd:3.0.3 | version => 3.0.3
NSE: [GetaSploit 192.168.0.184:21] CVEScannerV2 detection worked.
NSE: [GetaSploit 192.168.0.184:21] CVEScannerV2 detection: product => vsftpd | version => 3.0.3 | vupdate => * | range_from => nil | range_to => nil
NSE: GetaSploit against 192.168.0.184:21 threw an error!
/usr/bin/../share/nmap/scripts/CVEScannerV2.nse:511: attempt to index a nil value (local 'cur')
stack traceback:
/usr/bin/../share/nmap/scripts/CVEScannerV2.nse:511: in upvalue 'vulnerabilities'
/usr/bin/../share/nmap/scripts/CVEScannerV2.nse:574: in upvalue 'nmap_analysis'
/usr/bin/../share/nmap/scripts/CVEScannerV2.nse:693: in function </usr/bin/../share/nmap/scripts/CVEScannerV2.nse:668>
(...tail calls...)

The OS is "22.04.1 LTS (Jammy Jellyfish)"

I've tried multiple Operating Systems and builds and they all have the same issue.

Can you please shed some light on what is causing this error?

Thanks in advance

Product version and printed CVEs don't match

On one of my assets, I saw that Nmap has recognized Mailenable version 10.3, but CVEScannerV2 has printed some CVEs that were all fixed in Mailenable 8.6. How can we solve this to get a better match based on product version?

Here is the output:
"cvescannerv2": "\n product: mailenable\n version: 10.43\n vupdate: *\n cves: 7\n \tCVE ID \tCVSSv2\tCVSSv3\tExploitDB \tMetasploit\n \tCVE-2007-0955 \t7.8 \t- \tNo \tNo \n \tCVE-2015-9277 \t7.5 \t9.1 \tNo \tNo \n \tCVE-2015-9280 \t5.0 \t10.0 \tNo \tNo \n \tCVE-2010-2580 \t5.0 \t- \tNo \tNo \n \tCVE-2015-9278 \t5.0 \t9.8 \tNo \tNo \n \tCVE-2015-9279 \t4.3 \t6.1 \tNo \tNo \n \tCVE-2012-0389 \t4.3 \t- \tYes \tNo \n ",

Duplication

Hello there, I don't know why, but I get the cvescannerv2 output with duplication. Why does it mention the CVEs three times?

root@ubuntu20:/usr/share/nmap/scripts# nmap -sV --script default,banner-plus.nse,ssl-cert,ssl-date,ssl-enum-ciphers,cvescannerv2 xxx -p 443,80,444 -Pn
Starting Nmap 7.80 ( https://nmap.org ) at 2023-09-05 13:50 +0330
NSE: [cvescannerv2] Timestamp: 2023-09-05T10:20:45+00:00
NSE: [cvescannerv2] CVE data source: nvd.nist.gov
NSE: [cvescannerv2] Script version: 3.0
Nmap scan report for xxxx
Host is up (0.085s latency).

PORT STATE SERVICE VERSION
80/tcp open http nginx 1.18.0 (Ubuntu)

| cvescannerv2:
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No

443/tcp open ssl/http nginx 1.18.0 (Ubuntu)

| cvescannerv2:
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|_

444/tcp open ssl/http nginx 1.18.0 (Ubuntu)

| cvescannerv2:
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 4
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2022-41741 nil 7.8 No No
| CVE-2021-23017 6.8 7.7 No No
| CVE-2021-3618 5.8 7.4 No No
| CVE-2022-41742 nil 7.1 No No
|_
|

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 68.58 seconds
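Added example (not part of the original issue and not the project's code): a small Python parser for the cvescannerv2 block layout shown in the report above, which collapses identical blocks per port and counts the repeats when triaging scan output. The sample text is constructed, and `parse_blocks` and `dedupe` are hypothetical helper names.

```python
import re
# Constructed sample in the layout quoted above: one port, block printed twice.
SAMPLE = """\
80/tcp open http nginx 1.18.0 (Ubuntu)
| cvescannerv2:
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 1
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2021-23017 6.8 7.7 No No
|
| product: nginx
| version: 1.18.0
| vupdate: *
| cves: 1
| CVE ID CVSSv2 CVSSv3 ExploitDB Metasploit
| CVE-2021-23017 6.8 7.7 No No
|_
"""

PORT = re.compile(r"^(\d+/(?:tcp|udp))\s+open\b")
FIELD = re.compile(r"^(product|version|vupdate):\s*(.*)$")
CVE = re.compile(r"^(CVE-\d{4}-\d+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")

def parse_blocks(text):
    """Return {port: [block, ...]}; a block is (product, version, vupdate, cve_rows)."""
    ports, port, fields, rows = {}, None, {}, []
    def flush():  # store the block collected so far under the current port
        if port and fields:
            ports.setdefault(port, []).append(
                (fields.get("product"), fields.get("version"), fields.get("vupdate"), tuple(rows)))
        fields.clear(); rows.clear()
    for raw in text.splitlines():
        if m := PORT.match(raw):
            flush(); port = m.group(1); continue
        line = raw.lstrip("|_").strip()  # drop nmap's script-output gutter
        if m := FIELD.match(line):
            if m.group(1) == "product":  # a product line starts a new block
                flush()
            fields[m.group(1)] = m.group(2)
        elif m := CVE.match(line):
            rows.append(m.groups())
    flush()
    return ports

def dedupe(ports):
    """Collapse identical blocks per port, keeping first-seen order and a repeat count."""
    return {p: [(b, blocks.count(b)) for b in dict.fromkeys(blocks)] for p, blocks in ports.items()}
```

Blocks that differ in any field or CVE row are kept separately, so only exact repeats are collapsed.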

Parsing Error

Hello world,

I got this error:

Python.3.9_3.9.2544.0_x64__qbz5n2kfra8p0\lib\encodings\cp1252.py", line 23, in decode
return codecs.charmap_decode(input,self.errors,decoding_table)[0]
UnicodeDecodeError: 'charmap' codec can't decode byte 0x9d in position 20988183: character maps to <undefined>

Any support?

Db updater error

Hi there, I've tried to create the cve.db daily ... but database.py has an error. Please help me figure it out.
Here is the error:

database-updater_1 |
database-updater_1 | CVEScannerV2 Copyright (C) 2022-2023 Sergio Chica Manjarrez @ pervasive.it.uc3m.es.
database-updater_1 | Universidad Carlos III de Madrid.
database-updater_1 | This program comes with ABSOLUTELY NO WARRANTY; for details check below.
database-updater_1 | This is free software, and you are welcome to redistribute it
database-updater_1 | under certain conditions; check below for details.
database-updater_1 |
database-updater_1 | [*] Updating database...
database-updater_1 | Traceback (most recent call last):
database-updater_1 | File "/app/database.py", line 694, in <module>
database-updater_1 | update_db(args, thread_objs, populate=not Path(args.database).is_file())
database-updater_1 | File "/app/database.py", line 517, in update_db
database-updater_1 | last = db.cached_metadata()
database-updater_1 | File "/app/database.py", line 196, in cached_metadata
database-updater_1 | return self.cursor.fetchone()[0]
database-updater_1 | TypeError: 'NoneType' object is not subscriptable

Here is my Dockerfile:

# Use a base image that provides Python and SQLite
FROM python:3.9

# Install system dependencies
RUN apt-get update && apt-get install -y sqlite3 jq curl

# Set the working directory
WORKDIR /app

# Copy your application files to the container
COPY . .

# Install Python dependencies
RUN pip install -r requirements.txt

# Configure .api file
RUN echo "$API_KEY" > .api

# Run the database update script
CMD ["python3", "database.py"]

Does not find some vulnerabilities for Microsoft-IIS/7.5

Greetings! The script does not find vulnerabilities CVE-2010-2730, CVE-2010-3972 and CVE-2010-1899. On the port, the Microsoft server is IIS/7.5.

nmap  -sV --script ./cvescannerv2.nse X.X.X.X -d -vvv
Starting Nmap 7.80 ( https://nmap.org ) at 2024-03-05 15:04 +07
PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0)
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI: 
NSE: Loaded 46 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 2) scan.
Initiating NSE at 15:04
NSE: Starting cvescannerv2.
NSE: [cvescannerv2] Timestamp: 2024-03-05T08:04:20+00:00
NSE: [cvescannerv2] CVE data source: nvd.nist.gov
NSE: [cvescannerv2] Script version: 3.1.2
NSE: Finished cvescannerv2.
Completed NSE at 15:04, 0.01s elapsed
NSE: Starting runlevel 2 (of 2) scan.
Initiating NSE at 15:04
Completed NSE at 15:04, 0.00s elapsed
Initiating Ping Scan at 15:04
Scanning X.X.X.X [2 ports]
Completed Ping Scan at 15:04, 0.37s elapsed (1 total hosts)
Overall sending rates: 5.40 packets / s.
mass_rdns: Using DNS server 127.0.0.53
Initiating Parallel DNS resolution of 1 host. at 15:04
mass_rdns: 0.00s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 15:04, 0.00s elapsed
DNS resolution of 1 IPs took 0.00s. Mode: Async [#: 1, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 15:04
Scanning X.X.X.X [1000 ports]
Discovered open port 110/tcp on X.X.X.X
Discovered open port 25/tcp on X.X.X.X
Discovered open port 80/tcp on X.X.X.X
Completed Connect Scan at 15:04, 20.93s elapsed (1000 total ports)
Overall sending rates: 95.92 packets / s.
Initiating Service scan at 15:04
Scanning 3 services on X.X.X.X
Completed Service scan at 15:04, 14.85s elapsed (3 services on 1 host)
NSE: Script scanning X.X.X.X.
NSE: Starting runlevel 1 (of 2) scan.
Initiating NSE at 15:04
NSE: Starting cvescannerv2 against X.X.X.X:25.
NSE: Finished cvescannerv2 against X.X.X.X:25.
NSE: Starting cvescannerv2 against X.X.X.X.
NSE: Finished cvescannerv2 against X.X.X.X.
NSE: Starting vmware-version against X.X.X.X:80.
NSE: Starting https-redirect against X.X.X.X:80.
NSE: Starting hnap-info against X.X.X.X:80.
NSE: Starting cvescannerv2 against X.X.X.X:110.
NSE: Finished cvescannerv2 against X.X.X.X:110.
NSE: Starting cvescannerv2 against X.X.X.X:80.
NSE: [cvescannerv2 X.X.X.X:80] nmap cpe: cpe:/a:microsoft:iis:7.5 | version: 7.5
NSE: Starting http-trane-info against X.X.X.X:80.
NSE: [cvescannerv2 X.X.X.X:80] http.request socket error: The script encountered an error:
- ssl failed:
- Failed to connect:
- Could not connect:
- TIMEOUT
NSE: [cvescannerv2 X.X.X.X:80] Error processing request http://X.X.X.X:80/ => Error creating socket.
NSE: [cvescannerv2 X.X.X.X:80] cpe => cpe:/a:microsoft:iis:7.5 | version => 7.5
NSE: [cvescannerv2 X.X.X.X:80] product => iis | version => 7.5
NSE: Finished cvescannerv2 against X.X.X.X:80.
NSE: [vmware-version X.X.X.X:80] Couldn't download file: /sdk
NSE: Finished vmware-version against X.X.X.X:80.
NSE: Finished https-redirect against X.X.X.X:80.
NSE: [hnap-info X.X.X.X:80] HTTP: Host returns proper 404 result.
NSE: [http-trane-info X.X.X.X:80] HTTP: Host returns proper 404 result.
NSE: Finished hnap-info against X.X.X.X:80.
NSE: Finished http-trane-info against X.X.X.X:80.
Completed NSE at 15:05, 2.95s elapsed
NSE: Starting runlevel 2 (of 2) scan.
Initiating NSE at 15:05
NSE: Starting http-server-header against X.X.X.X:80.
NSE: Finished http-server-header against X.X.X.X:80.
Completed NSE at 15:05, 1.75s elapsed
Nmap scan report for X.X.X.X
Host is up, received syn-ack (0.35s latency).
Scanned at 2024-03-05 15:04:20 +07 for 41s
Not shown: 997 filtered ports
Reason: 997 no-responses
PORT    STATE SERVICE REASON  VERSION
25/tcp  open  smtp    syn-ack hMailServer smtpd
80/tcp  open  http    syn-ack Microsoft IIS httpd 7.5
|_http-server-header: Microsoft-IIS/7.5
|_cvescannerv2: 
110/tcp open  pop3    syn-ack hMailServer pop3d
Service Info: Host: A8W12.ru; OS: Windows; CPE: cpe:/o:microsoft:windows
Final times for host: srtt: 348779 rttvar: 48079  to: 541095

NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 2) scan.
Initiating NSE at 15:05
NSE: Starting cvescannerv2.
NSE: Finished cvescannerv2.
Completed NSE at 15:05, 0.00s elapsed
NSE: Starting runlevel 2 (of 2) scan.
Initiating NSE at 15:05
Completed NSE at 15:05, 0.00s elapsed
Read from /usr/bin/../share/nmap: nmap-payloads nmap-service-probes nmap-services.
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 41.19 seconds
